Security Meets Big Data: RSA's New Security Analytics System

By Robert Westervelt
January 30, 2013 10:15 AM ET

Page 2 of 2

In addition, RSA has designed a new graphical interface that displays suspicious events to a threat analyst for further investigation, and the processing engine learns over time how to prioritize them. The system will identify combinations of vulnerability information and other data to identify high-profile events an analyst needs to look at, said Amit Yoran, senior vice president and general manager of the security management and compliance business unit at RSA. RSA engineers spent almost two years building out the architecture, Yoran said, adding that the Hadoop platform was used because it is optimized for capturing data and building tables for efficient processing.

"We can stream millions of events per second through its clustering event processing engine and it can keep up with thousands of rules running," Yoran said. "It allows us to have an elegant set of rules to start out of the box."

RSA executives said the system will likely start at about $75,000 and increase depending on the capabilities and size of the deployment. The Bedford, Mass., company will offer large-scale deployments for the defense sector, government and the financial industry but the analytics capabilities also can be scaled down for smaller businesses, providing basic log-only and packet-capturing-only capabilities for short-term analytics. Data warehousing can be added as the business grows.

Channel partners, particularly if they have a systems integration arm, may be able to take advantage of the security data analytics approach, according to Enterprise Management Associate's Crawford. Systems integrators should take a close look at the form factor that they plan to deploy these products in when it comes to warehousing. "These warehousing architectures may not be as daunting as channel people might assume," Crawford said. "If they see the form factor and deployment opportunity and it fits with their strategy, it would be worth their while to dig a little bit more into these technologies."

RSA will still continue to sell its point products, said Bill Taylor, senior director, Global Channels and Alliances at RSA. But partners need to pay attention to the big data trend because it will play a lot more into security products in the future, opening up new opportunities for the channel, Taylor said.

"I think EMC is correct on its big data strategy and we're just following suit with our product sets," said Taylor.

PUBLISHED JAN. 30, 2013

<< Previous | 1 | 2

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

	Tech 10: Hot Antivirus Alternatives For 2013 CRN identifies 10 vendors that have developed innovative ways to detect malware and analyze threats to better protect corporate networks. They take a giant step beyond traditional signature technologies.
	10 Emerging Security Technologies Gaining Interest, Adoption Despite some security defenses being only in their infancy, they are attracting interest for addressing BYOD issues, cloud security concerns and stolen account credentials. Here's a look at some of the top new security areas gaining industry interest.
	5 Government Intelligence Facilities You've Never Heard Of One facility has been around since the dawn of space exploration, while other buildings are still in construction. But, they all have serious data analysis and surveillance support activities associated with them.
	More Slide Shows